No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Problem with multicast traffic: ICMP packets affecting the service: CX600

Publication Date:  2012-07-27 Views:  222 Downloads:  0
Issue Description
The multicast traffic between a CX600-X8 and a S8508 devices was affected, dropping some packets. Reviewing the status of the CX600-X8 we discovered a very high CPU usages:
<CX600-X8>disp healt
Slot                CPU Usage  Memory Usage(Used/Total)  
---------------------------------------------------------
10 MPU(Master)          8%           16%  300MB/1877MB 
 1 LPU                 82%           37%  317MB/849MB  
 8 LPU                 81%           37%  317MB/849MB 
---------------------------------------------------------
We reviewed the traffic sent to the CPU of the LPUs and discovered that there were lot of ICMP messages sent to the CPU.
We must understand that ICMP packets and reserved multicast packets are sent to the CPU of the LPUs in the CX600-X8 devices (also other packets).
As the ICMP packets was very high, reserved multicast packets were dropped in the LPU affecting the IPTV service.
Alarm Information
It was no alarm.
Handling Process
The configuration necessary to protect the CPU of the LPUs is:
#
cpu-defend policy <NAME>
 car icmp cir <CAR>
#
slot <LPU_NUMBER>
  cpu-defend-policy <NAME>
#
Also we can protect the CPU of the LPU from other kind of packets (telnet-client, arp, bfd, etc...)
Root Cause
The problem is the high cpu usages due to lot of ICMP packets send to this router with ttl=1.
One option to avoid this kind of attacks is to configure a "cpu-defend policy", configuring a rate limit in the ICMP packets sent to the CPU of the LPU.
Suggestions

END